#!/bin/sh

iptables -t mangle -F portal
iptables -t mangle -X portal
iptables -t mangle -N portal
iptables -t mangle -A PREROUTING -j portal 
#iptables -t mangle -A portal -s %s -m mac --mac-source %s -j MARK --set-mark 0x02

iptables -t nat -F portal
iptables -t nat -X portal
iptables -t nat -N portal
iptables -t nat -A PREROUTING -j portal
iptables -t nat -I portal -m mark --mark 0x02 -j ACCEPT
iptables -t nat -A portal -d sina.com.cn -j ACCEPT
iptables -t nat -A portal -d 192.168.0.0/24 -j ACCEPT
iptables -t nat -A portal -p tcp --dport 80 -j REDIRECT --to-ports 2060

iptables -t filter -F portal
iptables -t filter -X portal
iptables -t filter -N portal
iptables -t filter -A FORWARD -j portal 
iptables -t filter -A portal -m mark --mark 0x02 -j ACCEPT
iptables -t filter -A portal -d sina.com.cn -j ACCEPT
iptables -t filter -A portal -d 192.168.0.0/24 -j ACCEPT
iptables -t filter -A portal -j REJECT --reject-with icmp-port-unreachable
